Slashdot Mirror
Symantec Restricts Crypto Export
PhilK writes "Symantec is now refusing to sell LC5 (the Windows password cracking tool, previously from @stake) to anyone outside of the USA and Canada, claiming new Homeland Security laws. Symantec declined to field questions on the rationale for its policy and whether it applies to other products." From the article: "Symantec's restrictions recall the dark days of the crypto wars when users outside the US were not entitled to buy products featuring strong ciphers. These rules, relaxed by the Clinton administration and following a long running campaign by cryptography experts and net activists, are once again rearing their head. Symantec's response to our reader (below) suggests the policy was imposed on it by the US government."
Back in the day, crypto was classified as munitions under ITAR. This restriction was lifted principally because some smart eggs figured out that since the U.S. doesn't have a monopoly on math (no matter how much they might wish that to be the case), foreign countries could develop their own algorithms, so all the U.S was doing was shooting themselves in the foot by restricting what they could do in the international market.
And now, Dubya & Company want to try to restrict crypto once again. I really wish I could say I was surprised, but this is sadly a completely predictable move.
This strategy is doomed to failure, not only because foreign companies are perfectly able to develop their own products, but because these 'restricted' products are easily available on warez servers all over the world. If I want a copy of LC5, I can get one in less than five minutes, entirely free of charge, and I don't need to be in the U.S. to do it.
You might think that D&C would at least try to just keep tabs on international users of LC5 (after all, a wasp in a tent is a lot friendlier when you can see it), but instead, they choose the option to ban export, insuring that truly malicious users will stay well under the radar. Well done, George.
____
~ |rip/\/\aster /\/\onkey
I can't believe that few people see the flagrant violation of the 1st amendment in restricting expression and speech when government prevents code from crossing borders. Even without looking into COnstitutionally protected actions, why do you allow your government to make these victimless-crime laws? You can't stop code from crossing borders (not even in China). If the code does leave this country, it has hurt no one in the process. If some madman uses a Windows password cracking tool to steal a password and hurt someone, it is called trespass and there are already laws governing it.
Anyone still supporting the two big parties in this country is continuing to get what they deserve, I believe. There is no slippery slope of tyranny anymore, they're over the cliff and falling straight down.
In other news piracy of crypto applications have risen dramatically in non-US countries.
Really now, do they think if they just dont sell it that it wont end up in the hands of those who they dont want to have it? Please.
brute forcing passwords is nothing like an encryption algorithm, what the hell is really going on here?
All your Cyphers are belong to U.S.
Die Gedanken sind frei
My thoughts freely flower,
Die Gedanken sind frei
My thoughts give me power.
No scholar can map them,
No hunter can trap them,
No man can deny:
Die Gedanken sind frei!
I think as I please
And this gives me pleasure,
My conscience decrees,
This right I must treasure;
My thoughts will not cater
To duke or dictator,
No man can deny--
Die Gedanken sind frei!
Are you listening, Dubya?
"How to Do Nothing," kids activities, back in print!
Bad news: I can't buy a copy of LC5.
Good news: According to another Slashdot story, I can download one for free from a French web site!!
Nobody would be stupid enough to think it is possible to keep a commercial product out of foreign hands. Maybe making it illegal to export this product is just a way to provide an excuse for search/wiretap warrants.
Since I think the administration is at least semi-intelligent, I am looking for the ulterior motive.
What's left for those of us with bad memory, or mongrel mates who change passwords, back to outsourcing the product from the US or maybe Canada. Or just getting a mate over there to crack it post it somewhere online.
Just for once I'd like to not walk the dodgy path of life
Well, since ITAR is no more, why would @stake do this? Marketing, of course! "Our product is so good, we can't sell it to just anyone!" Balderdash... Anyone in the biz knows that LC is obsolete anyway. Don't believe me? Google "Rainbow Tables" and see for yourself...
If you just have to have an automated tool for hash cracking, skip LC and do SamInside. Same functionality, cheap, no copy protection, and integrates with Rainbow Tables as well. Hey Mudge! Still think selling out was a good idea?
hey, the government is just worried that scary e-terrorists that don't know how to download the software for free will break into the dept. of homeland security and compromise the sensitive windows 95 network they've got running.... i, for one, feel safer already.
Yeah, I know, I'm partly at fault. Still, things could have been great.
But hey, we were all just a bunch of FBI Snitches anyway. Which if true means that there is probably a secret back door in L0phtCrack and still in LC5 that transmits all cracked passwords direct to the FBI so that they can get into any server anywhere. Of course if that is true (and of course it is) DHS and Symantec should actively promote the use and distribution of LC5. All the more passwords they can get. Whatever.
- Space Rogue
L0pht Heavy Industries
Whacked Mac Archives
Hacker New Network
Sell Out
FBI Snitch
(Pay no attention to this rambling bitter old man.)
What sad times are these when passing ruffians can say 'Ni' at will to old ladies. There is a pestilence upon this land. Nothing is sacred. Even those who arrange and design cryptographic software are under considerable economic stress at this period in history.
It's true no man is an island, but if you take a bunch of dead guys and tie 'em together, they make a good raft.
http://rainbowtables.shmoo.com.nyud.net:8090/
Bittorrent to Download.
FYI
Alpha-Numeric and 14 Symbols = 11 GB
All Characters and the Space Character = 43 GB
It helps if you have enough RAM to load each 700MB section of table into memory. The longest part of this process (for me) is waiting for my puter to finish reading the tables off the DVD I burnt them too.
BTW- If something is illegal for export, that means the only people who will get in trouble are the exporters, not the people 'illegally' obtaining software.
Hell, if it's illegal to export something, is there any reason to buy it? If you don't do business in/with the U.S or Canada, what is the gov't/company going to do if you pirate unexportable software? Sue you for violating their copyright?
[Fuck Beta]
o0t!
cince it was probably written in the former soviet union.
Almost ALL the good pro cracking tools for passwords come out of the former USSR. We purchased a suite of them to crack documents and databases for use her at work and they work fantastically.
Do not look at laser with remaining good eye.
I travel regularly between the USA and Europe... What's to prevent me from buying several copies of this tool and take them back with me to Europe? Do you think Symantec and/or the shop owner will ask me for my passport before selling me this software?
For that matter, there is a good chance that there are mirrors and/or legal copies of this tool in Europe already. So what's the point? This type of restriction is ridiculous.
Oh, and by the way, I have a copy of O'Reilly's 'Knoppix Hacks' on my desk somewhere. I think there is a recipe in that book to remove or replace the administrator password of a Windows machine using Knoppix. Again, what's the point behind this restriction?
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
(I worked for Symantec for 4.5 years. The money was really nice, but I didn't feel like I sold out to get it...)
So instead of having the opportunity to buy it, they will pirate it. Doesn't seem very effective. If they would let them buy it, they would also have records of people who have bought it.
"Back in the day, crypto was classified as munitions under ITAR."
It still IS controlled (US Department of Commerce) and has been for a while; check your facts.
"foreign companies are perfectly able to develop their own products"
That is not the point. The point is that you don't want US companies AIDING foreign companies in creating cryptography systems to which the details are not known. Yes, I know, the strength of crypto lies in the mathematics not how it is done (read source); but having the algorithm details is also important.
Although the Reg article claims that Symantec appears to have had the restriction imposed by the government, both Symantec and the Register seem to have things a little bit wrong.
For starters, section 5A002 of the ECCN covers hardware. Perhaps Symantec meant section 5D002, software. 5D002.c.1 covers their situation. But the list of restricted countries hasn't changed for quite a while - it's the usual gang: Syria, North Korea, Sudan, etc. It seems to me that Symantec is being a little lazy here. Yes, they have to have an export license to sell the software outside of the US, but the restrictions aren't any more onerous than they were in 1999, when the EAR was updated to move cryptographic software from munitions to commerce.
Oh, and this "news" is almost a month old.
-h-
No they don't! This time, Canadians can buy them too!
With spending like this, exactly what are "conservatives" conserving?
Let us suppose the NSA wants you to put backdoors into your security products and you refuse, what leverage does NSA have? Well, perhaps they might put commercial pressure on the company to comply: by refusing to allow them to sell the product until they do.
I am not sure this is the real reason, but it seems possible.
There is a way for it to be put on /. without going through the front page?
...
I can see restricting something not already overwhelmingly in the public, such as an F22/A fighter, but a commercial product that is easily duplicated? That's dumb. Anyone can easily get a copy illegally or, with some trouble, some smart people can make their own.
All this does is hurt companies like Symantec.
For the most part, I'm not a Bush hater, but I think this is unrealistic and short-sighted.
The export ban always made me laugh because it arrogantly assumed that no one outside of the US/Canada was capable of developing their own encryption technologies.
This is something that British Secret Services have used to their advantage. Public key encryption technologies were developed at GCHQ in the early 70s but unlike the US, they didn't tell anyone until recently so they could use it without anyone knowing.
Something similar was done with Enigma. The fact that Enigma had been cracked was kept very quiet so that Enigma machines could be sold by the Brits to foreign governments after the war and we could listen in! News that we invented the World's first electronic computer was also kept secret for the same reason.
Show me the damn packets!
How the hell is LC5 dumping your infoz to government servers?
This is the stupidest thing I've heard.
Talk about dis-information.
Lets talk more about backdoors to actual encryption algorithms.
And the publicity generated by the ban (not least here on /.) will ensure that it is duly downloaded by the bucketload.
Hell, I hadn't even heard of LC5 before this announcement!
pi = 2*|arg(God)|
stable, horse, bolted and door
Q. make a familiar phrase out of the above
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
A. Closing the stable door after the horse has bolted
How true. Everything from the abuse of interstate commerce laws to abuse of executive privledge and secret laws are all the fed's grab for more power. There is no true state power since SCOTUS decided that fed law can trump state law.
Excuse my speling.
Making The Bar Project
Those in US or Canada pay Symantec for it. Rest of the world downloads it for nothing from Bittorrent or eDonkey and Symantec doesn't get a penny.
astalavista carries Cracking Password With Only Physical Access (pdf) for both windows and linux, of course, with these physical access is required.
http://thepiratebay.org/details.php?id=3361611
;)
export law... yeah
Finally a product I can buy with guaranteed Tech-Support in America.
iRepairIT - iPhone, Mac, & PC Repair
True enough. After all, Clinton forced the DCMA on us; is using the law to prevent the distribution of LC5 any worse than using it to stop the distrubution of DeCSS?
Which gives me an idea. Since most DRM schemes are essentially a form of strong encryption, could this "Homeland Security" law be used to prevent the export of media (DVDs, iTunes songs, Microsoft Reader eBooks, etc.) that are encoded with DRM? If someone manages to use this law to force media companies to sell their products unencumbered with DRM and restore fair use to consumers, then maybe it's not such a bad law after all.
Support Right To Repair Legislation.
The crypto regulations haven't changed since they were relaxed under Clinton. Either Symantec is just too lazy to follow the export licensing procedures which are unchanged, or they're trying to drum up interest for a faltering product by pretending that "the US government doesn't want you foreigners to have it,"or it could even be a crass political ploy to cause the usual fly-off-the-handle sorts to rant against some imagined sin of Bush.
It's quite difficult to take The Register seriously when they post articles such as this. So many of The Register's articles are breathless screeds of the form Civil Liberties to be Abolished in the USA, Film at 11. Remember that the UK has oppressive laws (e.g., the Official Secrets Act) that make the PATRIOT Act in the USA look like a model of civil liberties protection by comparison. I wonder if The Register is secretly funded by the propaganda arms of the UK government.
If LC5 is out of the question now, get something that is already outside the US of A.
For Example:
Login Password Recovery
(and it's easier to use - idiot proof in 3 easy steps!)
The above site has automatic hash extraction with a boot disk and remote instant cracking and doesn't involve illegally exporting software - no fiddling with p2p, bash shells, drivers etc. - I recon my granny could do it!
I suspect that the real reason behind this move is actually that Symantec doens't like the L0phtcrack product. I understand from an @Stake/Symantec contact that Symantec views the password-cracking utility almost like a tool of the enemy. Since Symantec is devoted to data protection, while L0pht/@Stake is more about active intrusion, Symantec would probably just as soon see some of the old @Stake products die, most especially L0phtcrack. This may be just a first step, or else Symantec bowing to pressure from foreign clients, perhaps foreign government clients.
America is pretty damn close to being irrelevant anyway. If we re-ban crypto and these technologies, it will simply give some developing nation a new economy.
Hello, my name is Matthew Pang, and I live in Selangor,Malaysia.(This isnt in the U.S or canada just incase you didnt know that. 5:18pm (GMT)-Decides he wants to get lc5 (just because he saw this on /.)
5:19pm (GMT)-performs this search "http://www.torrentz.com/search_lc5_9_0_0.html"
5:20pm (GMT)-Downloads the torrent file from "http://www.seedler.org/en/iindex.x?a=info&id=1952 55"
5:21pm (GMT)-Launches Azureus and starts torrent download.
5:26pm (GMT)-Azureus completes download.Also seeing.
5:26pm (GMT)-Runs lc5 Setup
5:27pm (GMT)-lc5 setup complete,runs lc5,runs keygen and unloacks lc5
5:28pm (GMT)-Runs a dictionary attack on all password the program sniffed from the local network.Found 7 exposed accounts.2 of which are privelaged.
5:29pm (GMT)-Starts comparison against pre-computed hash tables
The moral of the story: Dont restrict export.It`ll just make angry people like me run out and get it.Also making sure to save a copy to distribute to his friends.
this is up there with putting tape on your windows for chemical attacks and hiding under desks during nukes. i can't believe you guys pay taxes for this. this is what your governtment has come up with to defend you against 'evil'. next up on the defense plan is a paper bag and a sign that says stop hurting me. i can't remember seeing anything in the past while that would prevent someone from actually commiting some form of terrorism. at this rate, Hollywood will have stopped all forms of movie piracy long before the US manages to secure itself.
Here is something really funny for you: I also travel with several CDs (music and/or data) in my luggage. I have never been stopped, not just once, by the US customs.
;-)
I mean, seriously, what's to prevent me from slipping the Symantec CD-ROM in a little Case Logic CD folder, among dozens of other CDs? Do you really think the customs officer are going to check me? Do you think they are going to review each and every CD in my little folder, looking for the illegal-to-export LC5 CD? (short answer: NO).
What about copying an image of the CD on the hard disk of my laptop? Sure, they check laptops, but only to make sure that this is really a computer and not a disguised bomb.
Of course, if the NSA (hi, guys, and thanks for reading this!) decides I am an international terrorist, I am in trouble the next time I set foot in the USA. But I think right now, they are too busy spying on US citizens to bother with me...
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
Second, anyone who has to crack passwords with any regularity uses rainbow tables and/or john with customized tables. They are just better tools.
Third, and most amazing to me, the ban assumes that potential terrorists are somewhere "over there" when *all* of the 9/11 hijackers had spent considerable time in North America--some had been here for years. Even if the transfer of the program overseas was able to be blocked (which is impossible, of course), WTF do they plan on doing about the hundreds of millions here now?
The earlier US ban on the export of high-level encryption began to seriously hurt and slow down American technology companies, prompting the lift of the ban. I have a feeling that should such legislation continue, similar pressure to ease restrictions will be properly and successfully applied. I'm not too terribly worried.
Thank God! Because everyone knows that terrorists and other bad people have no contacts in Canada or the US.
Love many, trust a few, do harm to none.
Senator McCarthy would be proud!
There might be foriegners reading this for pete's sake. Let's meet up on IRC in the USA Room (and canada).
I don't understand why someone would wan to buy a program like l0pthcrack when there are better alternative for free... http://ophcrack.sourceforge.net/ is free and uses rainbow table... you don't even need to generate the tables.. you can download them.. there is even a linux live cd so no need to install it or to have admin access... anyways l0pthcrack used to be the thing but now it's outdated..
I remember reading a comment by Bruce Schneir that said something along the lines of "the code is the easy part, the algorithms are the hard part - any high school level CS student can implement the algorithm." So my question is: does the U.S. want to ban all descriptions of cryptographic algorithms in exported books too? And, as has been pointed out, there are more than a few smart people living outside North America, so I'm thinking more than a few countries already roll their own crypto.
NeverEndingBillboard.com
NeverEndingBillboard.com
Dear LC Customer,
The purpose of this letter is to notify you that Symantec Corporation is discontinuing its L0phtCrack (LC) product line and will no longer provide product code updates, enhancements or fixes to this product line.
Key dates in this process are listed below.
Last Date to Order LC5: February 28, 2006
Last Ship Date: March 3, 2006
Customer Help Until Date: December 16, 2006
Symantec will continue to use reasonable commercial efforts to provide available customer support by email to US and Canada based customers who purchased L0phtCrack (LC), products through the dates indicated above. As a courtesy to LC customers, we offer customer help via email regarding product usability inquiries through December 16, 2006.
An FAQ for Licensed Users of L0phtCrack (LC) Products is also attached to help answer commonly asked questions. If you have additional questions about our notification, please contact us by email at mailto:Americas-LCcustserv@symantec.com.
Thank you for your support.
Sincerely,
Sales Operations
Symantec Corporation
FAQ for Licensed Users of L0phtCrack (LC) Products
Question: What versions of the L0phtCrack (LC) product line are impacted by this Sunset Plan?
Answer: All versions of LC product line are impacted as described in this notification to customers. Symantec will discontinue its sale of the current and previously available versions of the product as well as its provision of product upgrades, updates and fixes for all versions of the product effective per the dates mentioned above.
Question: Why is the LC product line being discontinued?
Answer: The LC product line no longer fits into Symantec's future product strategy. As a result, Symantec will not be applying any future development resources to this product line and will discontinue all sales.
Question: What form of customer support is available to licensed users/customers of LC products?
Answer: LC Customers did not pay for technical product support as part of their LC license agreements, and Symantec does not offer technical support for this product line. Customers based in the US and Canada can inquire about general product use/usability by email to Americas-LCcustserv@symantec.com through December 16, 2006. Customers who re-install their licensed copy of LC and need an Unlock Code can submit an email request to Americas-LCcustserv@symantec.com with the following information through December 16, 2006:
LC version number (2.5, LC3, LC4 or LC5):
If LC5, please indicate if you've purchased the Professional or Administrator edition:
LC Serial Number:
Company Name:
Complete Company Address (street, city, state/prov, zip/postal code):
Company URL:
Nature of Business:
Commercial or Public Sector (if Public Sector, please specify government, military or police):
Contact Name:
Contact Phone Number:
Question: Can LC licensed users continue to use LC products after this Sunset Plan notification has been sent to Customers?
Answer: Professional and Administrator users have perpetual license to use the LC product they purchased. Consultant users have one year license from date of product receipt to use the LC product they purchased.
Question: Where can the customer get more information about LC5 and the FAQ Documentation about the product?
Answer: LC5 product information is available with the software installation of the product under the Help menu. Licensed LC customers may also submit product inquiries to Americas-LCcustserv@symantec.com with the following information through December 16, 2006:
LC version number (2.5, LC3, LC4 or LC5):
If LC5, please indicate if you've purchased the Professional or Administrator edition:
LC Serial Number:
Company Name:
Complete Company Address (street, city, state/p
I for one welcome our new encrypted overlord.
(and 1 Socialist?) in Congress
There are 534 socialists in Congress. Only one of them has the intellectual honesty to actually call himself one.
--Avenger
Dear LC Customer,
The purpose of this letter is to notify you that Symantec Corporation is discontinuing its L0phtCrack (LC) product line and will no longer provide product code updates, enhancements or fixes to this product line.
Key dates in this process are listed below.
Last Order Date: February 28, 2006
Last Ship Date: March 3, 2006
Customer Help Until Date: December 16, 2006
Symantec will continue to use reasonable commercial efforts to provide available customer support by email to US and Canada based customers who purchased L0phtCrack (LC) products through the dates indicated above. As a courtesy to LC customers, we offer customer help via email regarding product usability inquiries through December 16, 2006.
An FAQ for Licensed Users of L0phtCrack (LC) Products is also attached to help answer commonly asked questions. If you have additional questions about our notification, please contact us by email at mailto:Americas-LCcustserv@symantec.com.
Thank you for your support.
Sincerely,
Sales Operations Symantec Corporation
But, more importantly, freedom of commerce is one of the lynchpin ideas of liberalism. Hugo Grotius in The Free Sea argued that restriction of trade is essentially an act of war, for freedom of trade is one of the essential human rights: Grotius argues that human beings are limited in what they can provide with their own hands and, therefore, trade is necessity for living and, therefore, negotiating with others is a fundamental right. For the government to step in and infringe upon that right, in this view, is a violation of the very nature of humanity. Consequently, it is incumbent upon the government to demonstrate the necessity of prohibiting trade. Short of being at war with another nation, Grotius would argue that there is no good reason.
Nobody would be stupid enough to think it is possible to keep a commercial product out of foreign hands
It's a bit of stupidity mixed with deviousness. This isn't about restricting tech to foreign countries so likely as it's the ability to arrest/incarcerate anyone who distributes them. The might not be able to control the flow of such tech outside of the country, but it gives them another reason to arrest anyone who they can nail as a distributor should they need an extra charge or two to lay down.
OK, so this is a US law, but the product is available in Canada. So what about Canadian resells? How about me as a user. I could buy the software, and then resell it to somebody in another country. EULA preventing that... how about if I leave the shrink-wrap on, then I haven't agreed to anything.
Not that such laws would actually have a snowball's chance in hell of preventing this software from reaching other countries, but I do wonder when the US includes Canada in their private little party whether or not they expect us to play with their rulebook.
The UK Official Secrets Act covers any material that the government claims is "harmful to national security". There is no public interest defense (there was one, but it was removed in 1989). What's more, it's still a crime even if the information is already in the public domain, and journalists who report such information can also be prosecuted.
In the USA, whistleblowers are protected by law. In the UK, they're thrown in the slammer.
Got this in the mail yesterday:
--
Subject: Sunset Plan for L0phtCrack (LC) Products
Dear LC Customer,
The purpose of this letter is to notify you that Symantec Corporation is
discontinuing its L0phtCrack (LC) product line and will no longer
provide product code updates, enhancements or fixes to this product
line.
Key dates in this process are listed below.
Last Order Date: February 28, 2006
Last Ship Date: March 3, 2006
Customer Help Until Date: December 16, 2006
Symantec will continue to use reasonable commercial efforts to provide
available customer support by email to US and Canada based customers who
purchased L0phtCrack (LC) products through the dates indicated above.
As a courtesy to LC customers, we offer customer help via email
regarding product usability inquiries through December 16, 2006.
An FAQ for Licensed Users of L0phtCrack (LC) Products is also attached
to help answer commonly asked questions. If you have additional
questions about our notification, please contact us by email at
mailto:Americas-LCcustserv@symantec.com.
Thank you for your support.
Sincerely,
Sales Operations
Symantec Corporation
Here's the Dept. of Commerce website that describes the classification and licensing of exported goods: http://www.bis.doc.gov/Licensing/ExportingBasics.h tm
I like teamwork. It's easier to assign blame that way.
Here Here. While I agree with the principles mentioned. In the post. IE the government should not restrict the transport of technology ideas and science between countries the poster is a little overzealous and short of facts in his argument.
.. Well we are at war we need to do X argument that the US government is overusing to restrict the rights of its people.
As an example. The transportation of munitions plans as a whole is over the top. If I try to sell a firearm to Iran then odds are I am selling a product to Iran that they are more then capable of designing themselves. Meanwhile I am improving my countries economic strength. If on the other hand I try to sell the designs to a ICBM nuclear missile to Iran. Then odds are I work for a company that has access to secret design plans and have signed a legal document making this action illegal.
We already have laws. Very effective ones to protect this sort of information. If the information I am selling is available to the US general public then distributing it is by its nature a act of speech. IE the passing of information from one person to another. And restricting its passage is only limiting the freedoms of our own people not preventing those who wish to harm us from getting the information.
And for the poster who submitted the 9/11 comment. The restriction of technology would have in no way prevented that attack. They did not use encryption technology or munitions or anything else. So unless you wish to include information of how to fly an aircraft in your list of banned information it is an invalid comment. And in all honesty is just the sort of
It seems now that any time you disagree with the governments actions you are supporting terrorism. That is not the way a free country should be run.
Whatever you do, don't tell anyone in any other countries the word "FOO". It is our secret. We even have a law saying so, so there!
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
Symantec has been told by the Feds to stop exporting LC5? Oh, the horror. Except it's horseshit. I was part of Symantec's aquisition of @stake, and if the Feds have anything to do with this, it's far and away a secondary reason for the restriction.
:) Similarly, they were so terrified of @stake's WebProxy (imho the best app for web app security assessment/pentest) that they deep-sixed it so far that many product and services sales droids were told to deny its existence.
The truth of the matter is that Sym's Legal dept is terrified of LC5, and this is a convenient excuse if it's true at all. Just as they were frightened by the liability and publicity implications of @stake's decompilation and automated app security checking tool, and are "spinning it off." God forbid someone runs that tool against one of their own products. (Not that it's happened.
It's a damn shame. These were great tools. I wonder if it's better to have them die suddenly, than go the Norton route of slow deterioration and bloat...? Criminy, it's only been 14 months since the @stake aquisition, and from what I know since departing there are no products left from @stake and a very small percentage of the @stake staff left. Not a very well-managed investment, if you ask me.
J
I think not...(*poof*)
XP encrypts the crypto keys with the current password value, so if you reset the password, you still dont have access to encrypted bits of the HDD. Unless, of course, the system you have acquired is a laptop/PC in hibernate mode, in which case they will probably be stored in the clear somewhere (I guess :)
...The playstation 3 is banned from export from the US entirely. Sadly, Japan is where its made anyway so its everywhere.
Hmm. I'm a terrorist from Al Qaeda on a computer somewhere in Pakistan/Afghanistan/MiddleEast with an Internet connection. I need strong cyphers.
So hmm lemme see. What do I do? Either:
(1) I cry and whine that the US wont let me BUY a copy of symantec, in a country where 99% of the software is pirated. OR
(2) I google it up and download any tool I need. OR
(3) I goto the local software store and go 'Yo Osama can I have a symantec US edition, and a dvd or oracle, one of websphere and another of windows 2003 datacenter edition as well?'. He goes 'Sure thats (eq 10 cents)'. I go home and build Weapons of Mass Destruction (tm).
I HATE multiple choice.
"Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
A violation of "freedom of speech" would be the feds telling Symantec that they cant create the software in the first place. Restricting where they sell it is not. The first Amendment only guarantees freedom to create speech/expression, not an audience for said expression. By your theory, do you think that porn not being sold to minors is a violation of the publisher's free speech "rights"?
The patent system helped too. When we developed the world's first commercially available RSA chip the RSA patent didn't apply outside the USA (because the principle had been published in academic papers before the patent was granted) and RSA hardware couldn't be exported to compete with ours (because of USA export restrictions).
I remember the days when @Stake sold L0phtcrack for a large chunk of change.
Symantec decided to change it to a less hax0r name, and remove "crack" from all references and replace it with "audit".
Now they want to stop the selling of a product thats almost used exclusively by security professionals around the world to ensure compliance against password mis-use.
Its ironic that Symantec have done exactly they what they said they wouldnt do, screw with the product too much. You just have to visit http://www.atstake.com/ and read their mission statement to the product:
@stake Acquired by Symantec
Welcome to Symantec. Symantec recently acquired @stake. We recognize that the strength of an organization is built on the loyalty of its customers, and we are committed to providing a seamless transition for @stake's customers.
Existing customers should expect business as usual through the transition period and a continuation of the same great service you have come to expect from @stake.
So, let me get this straight, you can no longer legally purchase the software overseas, it is only available bundled with the keygen on Torrentspy?
So the only way to get it now overseas is for FREE?!
WOO HOO!!!
Here: I'll save you the torrentspy search:
http://ts.searching.com/download.asp?id=366179
The horses are already out of the barn, you morons!
Good security is based upon reality and common sense. Common sense is a function of having common knowledge.
5:20pm (GMT)-Downloads the torrent file from "http://www.seedler.org/en/iindex.x?a=info&id=1952 55" 5:21pm (GMT)-Launches Azureus and starts torrent download. 5:26pm (GMT)-Azureus completes download.Also seeing. 5:26pm (GMT)-Runs lc5 Setup 5:27pm (GMT)-lc5 setup complete,runs lc5,runs keygen and unloacks lc5
;)
And to pose the obligitory question: "Does it run on Linux?" the answer is Yes.
The install, the keygen and the program all work perfectly in Linux under wine, and probably with less threat of trojan infestation than installing an unknown h4xx0r torrent on XP or 2K3
because as everyone knows, once the United States Congress passes a law regarding what can and cannot be done on the Internet, everyone the whole world over immediately obeys. Equally, of course, data cannot be sent to a foreign country via the Internet once it has been deemed contraband. I wish our government would just get a grip, and realize that anyone that wants this stuff will get it, with ease, legally or illegally, and it doesn't matter where they are. Yes, the intent may be to hinder anyone that wishes to act against the United States and its citizens, but the only real effect (as always in these cases) is to harm American business. Symantec loses some customers and revenue, and those foreign nationals that want the software grab it from some warez site (or have someone here buy it and send it to them.)
... but not today.
The other, rather arrogant aspect to this is the presumption that only American vendors can write good encryption software. There are plenty of good programmers overseas, and if companies and individuals can't buy what they need from an American vendor, they'll just buy it from a local company. More U.S. businesses lose customers.
I guess I just don't see the point anymore. Maybe twenty years ago
The higher the technology, the sharper that two-edged sword.
yes, but sadly you got moded "Insightful". ...in days like this I think I could loose hope in humanity.
That, or the mods doing some very sophisticated kinds of sarcasm. (see sig.)
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Who cares? We've seen this eons ago with PGP (Pretty Good Privacy). ;-)
Too bad for American business, huh?
I guess it's just a swell opportunity for Canadians.
Main difference between the BSD license and the GPL license: one is from California and the other is from Massachusetts